\section{Conclusion}
\label{sec:conclusion}

We address a common race condition and path resolution attack by providing a pragmatic tool to help stop them.  This is done by extending the basic file metadata with an immutable history log.  We intend that this mechanism would be incorporated into a kernel-level reference monitor to aid in labeling resources with trust classes and thereby provide a mechanism for applying meaningful labels in support of some security policy.

What we do not do is analyze attacks on our own system, nor evaluate the robustness of our implementation against adversary action.  For future work, we would like to demonstrate the effectiveness of this method against a determined adversary like STING.

